Memory defragmentation in chipcards

ABSTRACT

The basic idea comprised of the present invention is to provide two sets of descriptors having each at least three descriptors and each set is used in an alternating manner for defining the location of source and target of the copy operations which are to be performed during the defragmentation procedure. The defragmentation procedure is performed as a sequence of copy operations on copy chunks, i.e., a certain number of sequentially arranged bytes to be copied being part of a valid data block to be copied. In each of said copy operations in said sequence the values which are assigned to said descriptors change. According to a characterizing feature of the present invention during the whole sequence of copy operations comprised of the defragmentation process one of the two sets of descriptors holds information which is usable for restoring the contents of a copy chunk in case of a power break during a copy operation on said copy chunk. Thus, defragmenting is a safe procedure, and data integrity is assured.

BACKGROUND OF THE INVENTION

1. Field of the Invention

The invention relates generally to system software of computer systems, and deals more particularly with a method and system for improving memory defragmentation, particularly enabling chipcards to be defragmented.

2. Description and Disadvantages of Prior Art

A new area of technology with increasing importance is represented by the increasing use and acceptance of chipcards, sometimes called SmartCards, and their applications for many different purposes.

Memory is a limited resource on chipcards. Thus, an optimum efficient usage of memory has to be envisaged generally.

During the usage of a chipcard repeated memory allocation operations are required for storing fresh data and repeated memory deallocation operations are required after deleting data in the memory of the chipcard. After a certain amount of usage in most chipcards the memory is used ineffectively as it is ‘fragmented’, i.e., there are a number of ‘valid’ data blocks distributed over the entire memory having ‘holes’ between them which are only difficult to use for further storage of data. For a right understanding of the wording provided herein it should be noted that a valid data block is meant to be a conventional set of data standing generally in a semantic context. ‘Valid’ is used for indicating that the contents of said block need to be used by a program accessing the memory. ‘Valid’ stands in contrast to ‘hole’, indicating that hole positions hold no valid data, i.e., holes are the unused gaps between the valid data blocks; making their total size usable is the aim of the defragmentation procedure. Depending on the size of the data set being represented by the valid data block and the size of the copy chunks a copy operation of an entire data block can comprise a plurality of copy chunks, e.g., when the chunks are relatively small compared to the data block. In reverse, a whole data block can be contained in a single copy chunk, too. In application to SmartCards the memory is often an EEPROM and is divided into EEPROM pages as sub-units having a size of, e.g., 64 bytes.

Today's chipcards have different flavors of memory organization. The EEPROM memory is a non-volatile memory which keeps personalized data of the chipcard holder. The typical applications today store a file system into the card which is more or less described in the ISO 7816/4 standard.

Other implementations might involve any blocks of data to be stored in the EEPROM. A general problem exists as mentioned above, whenever such blocks are deleted. This problem is called the fragmentation of memory. It appears on deletion of a block. When a memory block or a file is deleted a ‘hole’ of unused memory is generated. New blocks being created may be larger than this hole, then they have to be allocated to the remaining free memory. If the newly created block is smaller than the existing hole it might fit in this or another hole; there will, however, in most cases be another smaller hole created which results from the difference of the block size of the new block and the deleted block.

If blocks are deleted throughout the card's memory and other blocks are created frequently, the chipcard might contain an essential amount of unused memory holes which cannot be allocated as each of them is smaller than a requested block size. In this situation the chipcard would have to be defragmented in order to allocate additional memory space thereafter.

There are different approaches to reduce the impact of fragmentation. The memory may be organized in segments and each requested block is split up in sub-blocks of one segment's size. This however leaves a hole of up to one segment's size, one hole on each allocated block. Therefore this method is less effective for using the memory exhaustively. In Germany, the chipcard manufacturer ODS uses this system.

Another approach to reduce the impact of fragmentation is to seek for that hole existing in the chipcard whose size has the least difference from the requested block size, assuming that the block size is yet smaller than the selected hole. This method is called the ‘Best-Fit-Algorithm’ and is the best known method to keep the impact of fragmentation small.

One obvious idea to solve the fragmentation problem is the defragmentation of the memory. Defragmentation per se is well known for hard disk drives, but not for chipcards. Available programs for hard disk defragmentation have been sold by different manufacturers. Generally, the process of defragmentation copies the used memory blocks such that the holes between two adjacent blocks are filled. After defragmentation all blocks are in continuous order, and no holes exist anymore between the blocks.

Defragmentation in chipcards, however, has been considered as not feasible by the state of the art operating system technology. Not feasible means that until now no approach has been presented which could be realized with an appropriate effort and performance and which could thus be applied within the limits of the available ROM on chipcards.

This situation is relevant for all currently discussed world wide projects, as e.g. JAVA cards, too, where the subject of ‘garbage collection’ could not be solved due to the existence of the defragmentation problem.

The defragmentation problem in chipcards appears in two flavors. The first problem comes from the organization of memory. Typically, the memory is organized such that the physical addresses of memory locations are stored within the memory itself. A so-called ‘descriptor’ is intended to be a general expression to mean any means for describing the location of a particular location in memory, and in particular pointers are thus understood by that. The descriptors mentioned during the course of description and in the claims are to be understood in that sense. Thus, a pointer is such a location which stores an address of another memory location. As most memory architectures are designed as ‘linked lists’, which is one of the most effective memory architectures, those addresses are distributed all over the memory.

Also the file access mechanisms use fixed physical addresses in order to use files or blocks allocated in memory. A defragmentation of the memory would move memory blocks within the whole EEPROM range. Consequently, all references to physical addresses would have to be updated in the chipcard. This requires a high programming effort and will decrease the performance significantly as in most of the cases it will be impossible to reach two addresses to be written within one EEPROM page.

The other and decisive flavor of the defragmentation problem represents a problem which is much more difficult to solve during defragmentation of chipcards. Independent of the organization of the memory the defragmentation will always have to copy large chunks of memory. However, chipcards must be 100% resistant against power failure, i.e., any kind of power break, those generated by accident or others generated by intention during an attack to the card, for example.

Consequently it must be possible on a power break to reconstruct the memory layout of the chipcard as to the beginning or to the end of the defragmentation.

The well known way to do the restoring is realized by so-called Backtrace or Write Forward Buffers, a reserved memory location in EEPROM which allows to hold the data layout prior to any alteration of the EEPROM. Those buffers, however, cannot work in chipcards as their size must be larger than the size of any copied EEPROM range.

As during a complete defragmentation process up to the whole EEPROM range might have to be copied, e.g., if a hole is in the very beginning of the EEPROM, and the memory space is a very limited resource on chipcards, it is impossible to provide an appropriate Backtrace or write forward buffer to restore the EEPROM information after a possible power break.

Thus, in the state-of-the-art technology it is not possible to perform a defragmentation of the EEPROM in chipcards by keeping the rules of 100% power failure resistance.

OBJECTS OF THE INVENTION

It is thus the object of the present invention to provide a defragmentation method which requires only a minimum of programming effort and of additional memory space beyond the memory space being object to the defragmentation process while keeping the rules of 100% power failure resistance.

It is a further object of the present invention to provide a method and system for defragmenting memory devices in computing devices having reduced hardware and software resources available while keeping the rules of 100% power failure resistance.

SUMMARY AND ADVANTAGES OF THE INVENTION

Said objects of the invention are achieved by the features stated in enclosed independent claims. Further advantageous arrangements and embodiments of the invention are set forth in the respective subclaims.

The basic idea comprised of the present invention is to provide two sets of descriptors having each at least three descriptors and each set is used in an alternating manner for defining the location of source and target of the copy operations which are to be performed during the defragmentation procedure. The defragmentation procedure is performed as a sequence of copy operations on copy chunks, i.e., a certain number of sequentially arranged bytes to be copied being part of a valid data block to be copied. In each of said copy operations in said sequence the values which are assigned to said descriptors change. According to a characterizing feature of the present invention during the whole sequence of copy operations comprised of the defragmentation process one of the two sets of descriptors holds information which is usable for restoring the contents of a copy chunk in case of a power break during a copy operation on said copy chunk. Thus, defragmenting is a safe procedure, and data integrity is assured. Basically, the provided solution is not limited to the use in chipcards as it can be applied in conventional computer systems, too. The advantageous area of application, however, are all devices having a reduced potential of hardware and software resources, compared, e.g., to a state-of-the-art personal computer of the year 1999, as e.g. Pentium III. So, it is suited to be applied in many future ‘mini’-computer devices, too, as they are developed in the course of the next years.

It should be noted, however, that those comparisons need always to be considered as relative, i.e. the ‘reduced potential’ may increase during the next years, but should still be compared to the respective state-of-the-art computing devices of the future years.

According to the present invention a new solution to the defragmentation problem is provided which works with a high performance and which solves the defragmentation problem and all of its further concerns perfectly and to the whole extent.

In order to achieve the proposed solution the memory layout of the chipcard needs to be designed according to the following scheme:

Any reference to the EEPROM memory needs to be relative. The only fixed physical addresses may be those beyond, i.e., before or after that part of EEPROM which is subjected to the procedure of defragmentation. Within the range to be defragmented all addresses must be relative, i.e., a length of a block may be existing but not a physical address.

Furthermore, any memory block needs an identification code being represented by one or more bytes. This identification code replaces the usage of physical addresses. If memory addressing is required, e.g. due to the selection of a file or a memory block, the whole EEPROM needs to be searched from the beginning until the appropriate identification code is found.

Referring to a further aspect of the present invention a method to significantly increase the performance of said search procedure is provided, too.

No other part of the ROM code may refer to any physical address in the defragmentation portion of the EEPROM.

A power failure buffer which has advantageously the size of one sub-unit of the EEPROM, i.e. a page, e.g., of 32 or 64 bytes length, must be implemented such that on a power break the content of this backtrace buffer is written back to the physical address being assigned for the stored data. Basically, said buffer can be used as a backtrace buffer or as a write forward buffer as well.

As an advantage to be associated to the inventional concepts chipcards can be defragmented which increases the usage value of them.

In particular, the defragmentation method in chipcards can be realized such that any power interruption at any time within the defragmentation process does not affect the data integrity of the chipcard.

Further a two-stage memory allocation is provided advantageously with a defragmentation process between a first unsuccessful attempt of memory allocation and a second later attempt of memory allocation. Therewith, a defragmentation on-demand is realized.

Further, such a defragmentation method can be advantageously automatically started on demand, i.e., when a trial to allocate memory was not successful, or it can be driven by a host program's control command, or by a user command, or any other event having a potential influence on memory availability.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention is illustrated by way of example and is not limited by the shape of the figures of the accompanying drawings in which:

FIG. 1 is a schematic representation of the essential structure of a memory block used according to the present invention,

FIG. 2 is a schematic representation of the essential physical and logical elements which participate in the defragmentation process according to the present invention,

FIG. 3 is a schematic representation of the essential steps during defragmentation including the essential features of the corresponding control flow.

DESCRIPTION OF THE PREFERRED EMBODIMENT

With general reference to the figures and with special reference now to FIG. 1 an example for the basic memory structure of an allocated memory block 8 is given next below. Said memory block comprises a conventional header field 10 in order to fulfill conventional tasks within general memory management. Said header might be two bytes long and one of the bits may indicate if the block is allocated or not.

A field 12 for the object ID comprising 1 byte in the present example is provided according to the present invention in order to identify the present memory block. This identification is a must as its function principally consists in locating any particular memory block by searching the memory sequentially. In other words, said object ID replaces the functionality of a physical address in the memory. Advantageously, said ID is generated when the memory block is allocated.

Further, a field 13 of 1 byte is provided for holding the parent identification of the object in the hierarchically structured namespace.

A field 14 is provided which holds information about the object type. This field is a conventional field and specifies if the memory block describes a file, or a directory or any other type of logical or physical devices in the computing unit.

Next, a field 16 for the file identification is provided. The file identification comprises two bytes which form the name of the file, directory, etc.

Further, there is provided a conventional field 18 holding file control information, and finally, in a field 20 the data of the block are found.

With reference to FIG. 2 and just describing logical aspects of the inventional concepts and not the real implementation in hardware a schematic representation of the essential physical and logical elements which participate in the defragmentation process according to the present invention is given:

The portion 34 of the memory to be defragmented according to the method of the present invention is structured in pages 35. The defragmentation process is controlled by a descriptor control unit 32. Said unit is connected to an intermediate buffer 36 which has the function of a conventional write forward buffer, or a backtrace buffer. Principally, both ways can be taken. The operations described later with reference to FIG. 3 are realized using the connections between the memory and the control unit, and the control unit and the backtrace buffer, respectively.

With reference to FIG. 3 a schematic representation of the essential steps during the inventional defragmentation process is given including the essential features of the corresponding control flow. The example refers to defragmentation of a defragmentable portion of a chipcard's EEPROM memory 34.

As defragmentation of the memory 34 always takes large portions of time it is important to avoid any unnecessary defragmentation. Unnecessary defragmentation is a defragmentation which is not necessary as there is still enough space to allocate a block. Consequently, defragmentation according to a preferred aspect of the present invention is recommended only when a memory allocation fails due to the fact that no more memory is available in the EEPROM.

If a block of memory is requested but no continuous memory of the requested length is available anymore in the chipcard, defragmentation is started. According to this patent proposal this has to be done by the steps described below. Two sets of three descriptors each are provided; each set of descriptors contains the following structure:

The first descriptor contains the physical address of the memory location to which the rest of the EEPROM needs to be copied, i.e. the address of the first available hole. It is thus called DestinationPointer or TargetPointer for the purposes of description.

The second descriptor contains the physical address of the memory location from which the rest of the EEPROM should be copied, i.e. the address of the memory allocation block after the first available hole. It is thus called SourcePointer.

The third descriptor contains the address of the second, i.e., next available hole. It is thus called NextPointer for the purposes of description. The length of bytes to be copied may be calculated by the difference from the third descriptor and the second descriptor.

The three descriptors are present twice as described above.

However only one set of descriptors is active at a time. Which set of descriptors is active is determined by an ‘active block flag’; this is one bit of another byte in EEPROM which automatically determines the validity of block set 1 and block set 2. As this bit can only be recognized as either ‘1’ or ‘0’ by definition of this system there is always one block being the active block. Thus, the flag is called a ‘Valid Block Flag’.

Another flag being possibly represented through another byte in the EEPROM indicates whether defragmentation is active. Thus, it is called ‘DefragActive Flag’. The defragmentation is performed as is described in conjunction with the enumerated steps below:

Step 110: Load descriptor set 1 with the appropriate addresses (Source Pointer=start address of first hole, Target Pointer=address of valid block after hole, Next Pointer=address of next hole).

Step 120: Set the ValidBlockFlag to indicate the descriptor set 1 to be the active block.

Step 130: Set the DefragActive Flag to the status “Defragmentation Active”.

Step 140: Copy a number of bytes up to the size of an EEPROM page to the Backtrace buffer. The start address of the bytes to be copied to the Backtrace Buffer is the address contained in the active Source Pointer.

A special case not explicitly depicted in the drawings is that in which the copy source overlaps with the end of the target, i.e., the copy-write operation overwrites the data of its own source. For avoiding data loss the destination address of the entry in the backtrace buffer must be set to the content of the destination descriptor. Therefore the backtrace buffer is used in the function of a write-forward buffer in this case.

The length of bytes to be copied is determined by the address of the destination descriptor up to the address of the next EEPROM page boundary in order to copy the next block in chunks of the page size which will increase the speed of the defragmentation.

In case the NextPointer points to a lower value than the address of the next EEPROM page boundary the length of bytes is determined by the content of the NextPointer minus the content of the SourcePointer.

Step 150: Activate the Backtrace buffer in order to allow storing the data into the destination address after a possible power break.

Any power failure will invoke the automatic restore function of the backtrace buffer such that after a new power-on the data in the backtrace buffer will be copied automatically into the destination address of the backtrace record. This function is called the backtrace restore function.

Step 160: Set the DestinationPointer of the non-active descriptor set to the value of the DestinationPointer plus the number of bytes in the Backtrace buffer. Now, the DestinationPointer points to the next location where to store the next data.

Step 170: Set the Source Pointer of the non-active descriptor set to the value of the SourcePointer of the active descriptor set plus the size of an EEPROM page.

Decision 175, Step 180: If the SourcePointer of the non-active descriptor set is larger than the NextPointer of the active descriptor set, then recalculate all non-active descriptors according to step 110.

Step 190: Toggle the active descriptor set in order to make the non-active descriptor set the active descriptor set; consequently the active descriptor set becomes the non-active descriptor set.

Step 200: Invoke the backtrace restore function as being performed after power on. This function copies the bytes of the backtrace record into the destination address which equals the content of the active DestinationPointer.

If the backtrace restore function was performed successfully, i.e., without any power break—decision 202—the backtrace record is made invalid—step 205—and the backtrace buffer is then automatically deleted.

Step 210: Continue the process at step 140 until the defragmentation is completed—decision 207.

After a power break situation the whole process is continued according to the information stored in and read from—step 220—the Backtrace Buffer, as are at least the DefragmentationActiveFlag, ValidBlockFlag and the appropriate active block step.

Whenever the chipcard receives the first command after the Answer To Reset it processes according to the following steps:

Step 225 to 230: Check whether the DefragActive Flag is set—decision 225; if no, invoke the backtrace restore function—step 227—and continue with normal operation—step 230.

Step 240: Otherwise determine the active descriptor set according to the ValidBlockFlag.

Decision 245, Step 250: If the DefragActive Flag was found active, and the BackTraceBuffer contains valid data to be copied—decision 245—compare the address of the active DestinationPointer with the Destination address of the Backtrace Record—step 250. If the addresses match, delete the Backtrace Buffer and go to step 140 of the above scenarios.

If the addresses do not match, go to step 200 of the above scenarios.

The scenarios from step 110 to step 240 describe a full function solution to the Defragmentation problem working at high performance. Minor alterations of the scenarios are possible, e.g. the number of bytes to be copied to the backtrace buffer may be always the length of an EEPROM page where the source is being fetched always from valid blocks.
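The control flow of steps 110 to 250, as an added C simulation that is not part of the patent text: it cuts power after every possible EEPROM write and checks that the card comes back with either the original or the fully compacted layout. Assumptions: hole bytes are modelled as 0x00 and valid data as nonzero bytes instead of the header-based blocks of FIG. 1, each byte write is atomic, the descriptors are initialised per the descriptor definitions (DestinationPointer = first hole, SourcePointer = valid block after it), and all identifiers and the sample image are constructed for this example.

```c
#include <setjmp.h>
#include <stdint.h>
#include <string.h>

#define MEM_SIZE  48        /* constructed: size of the defragmentable range */
#define PAGE      8         /* constructed: EEPROM page size                 */
#define UNLIMITED 1000000L
typedef struct { uint8_t dst, src, next; } DescSet; /* Destination/Source/NextPointer */

static struct {                    /* everything here is non-volatile */
    uint8_t mem[MEM_SIZE];         /* 0x00 = hole byte, nonzero = valid data (assumption) */
    DescSet set[2];
    uint8_t valid_block;           /* ValidBlockFlag: index of the active set */
    uint8_t defrag_active;         /* DefragActive Flag */
    struct { uint8_t valid, dest, len, data[PAGE]; } rec;  /* backtrace record */
} nv;

static jmp_buf power_break;
static long budget;                /* NV byte writes left before power is cut */
static void nv_put(uint8_t *p, uint8_t v) {   /* one atomic EEPROM byte write */
    if (budget-- <= 0) longjmp(power_break, 1);
    *p = v;
}
static uint8_t next_hole(uint8_t a)  { while (a < MEM_SIZE && nv.mem[a])  a++; return a; }
static uint8_t next_valid(uint8_t a) { while (a < MEM_SIZE && !nv.mem[a]) a++; return a; }
static void put_set(DescSet *s, uint8_t dst, uint8_t src) {
    nv_put(&s->dst, dst); nv_put(&s->src, src); nv_put(&s->next, next_hole(src));
}
static void restore(void) {        /* backtrace restore function, steps 200-205 */
    for (uint8_t i = 0; i < nv.rec.len; i++) nv_put(&nv.mem[nv.rec.dest + i], nv.rec.data[i]);
    nv_put(&nv.rec.valid, 0);
}

static void copy_chunk(void) {     /* steps 140-205 for one copy chunk */
    DescSet *a = &nv.set[nv.valid_block], *n = &nv.set[!nv.valid_block];
    uint8_t len = PAGE - a->dst % PAGE;                  /* up to the page boundary ... */
    if (len > a->next - a->src) len = a->next - a->src;  /* ... or up to the next hole  */
    for (uint8_t i = 0; i < len; i++) nv_put(&nv.rec.data[i], nv.mem[a->src + i]);
    nv_put(&nv.rec.dest, a->dst); nv_put(&nv.rec.len, len);
    nv_put(&nv.rec.valid, 1);                            /* step 150: record armed */
    uint8_t src = a->src + len;
    if (src >= a->next) src = next_valid(src);           /* decision 175 / step 180 */
    put_set(n, a->dst + len, src);                       /* steps 160-170 */
    nv_put(&nv.valid_block, !nv.valid_block);            /* step 190: toggle */
    restore();
}

static void resume(void) {         /* step 210 loop, then mark the tail as one hole */
    while (nv.set[nv.valid_block].src < MEM_SIZE) copy_chunk();
    for (uint8_t a = nv.set[nv.valid_block].dst; a < MEM_SIZE; a++) nv_put(&nv.mem[a], 0);
    nv_put(&nv.defrag_active, 0);
}

static void defragment(void) {     /* steps 110-130 */
    uint8_t dst = next_hole(0);
    put_set(&nv.set[0], dst, next_valid(dst));
    nv_put(&nv.valid_block, 0);
    nv_put(&nv.defrag_active, 1);
    resume();
}

static void boot(void) {           /* first command after Answer To Reset, steps 225-250 */
    if (!nv.defrag_active) { if (nv.rec.valid) restore(); return; }
    if (nv.rec.valid) {
        if (nv.rec.dest == nv.set[nv.valid_block].dst) nv_put(&nv.rec.valid, 0); /* not toggled: redo */
        else restore();                                  /* toggled: finish the copy */
    }
    resume();
}

static int run_with_power(long writes, void (*op)(void)) {  /* 1 = finished, 0 = power break */
    budget = writes;
    if (setjmp(power_break)) return 0;
    op(); return 1;
}

/* Cut power after k writes, reboot; 2 = compacted, 1 = original layout, 0 = corrupted. */
static int layout_after_break(long k) {
    uint8_t before[MEM_SIZE], want[MEM_SIZE] = {0};
    memcpy(want, "abcdefghijkLMNOPqrstuvwxyz1234", 30);
    memset(&nv, 0, sizeof nv);     /* constructed image: three blocks between holes */
    memcpy(&nv.mem[3], "abcdefghijk", 11);
    memcpy(&nv.mem[20], "LMNOP", 5);
    memcpy(&nv.mem[30], "qrstuvwxyz1234", 14);
    memcpy(before, nv.mem, MEM_SIZE);
    run_with_power(k, defragment);
    run_with_power(UNLIMITED, boot);
    if (!memcmp(nv.mem, want, MEM_SIZE)) return 2;
    return !memcmp(nv.mem, before, MEM_SIZE);
}
```

The first chunk of the sample image copies addresses 3..10 onto 0..7, so the sweep includes the overlapping case in which the backtrace buffer acts as a write-forward buffer. The address comparison in boot() is what prevents an already consumed source from being read again.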

It should be noted that the descriptors need not necessarily contain the address information in form of pure addresses. Instead, they can contain relative distances between two physical addresses in order to be enabled to calculate a second physical address with the help of a first physical address and said distance bit length. In this context many modifications to the special descriptor layout are able to be appreciated by a person skilled in the art. All of them are deemed to be included in the scope of the claims as appended below.

Further variations and additional applications of the inventive concepts can be considered as useful, too:

The Best-Fit-Allocation mechanism can advantageously be combined with the ‘automatic’ defragmentation method, i.e., the on-demand feature of the present invention.

The defragmentation method can be provided such that it automatically resumes defragmentation after a power break.

The defragmentation method can be provided where multiple sets of descriptors are used in order to resume defragmentation after a power break.

The defragmentation method can be advantageously used in chipcards or other computer devices having a reduced potential of hardware or software resources, and any power backtrace/write forward buffer provided thereon can be used to store information relevant for the resume of the defragmentation.

Further, the inventional method of defragmenting memory can be implemented completely in hardware. Thus, a safe write operation can be assured.

In the foregoing specification the invention has been described with reference to a specific exemplary embodiment thereof. It will, however, be evident that various modifications and changes may be made thereto without departing from the broader spirit and scope of the invention as set forth in the appended claims. The specification and drawings are accordingly to be regarded as illustrative rather than in a restrictive sense.

1. Method for defragmenting a memory device (34) in which device a number of valid data blocks (8) are copied sequentially and stepwise as a sequence of copy chunks from a first position to a second, optimized position in said memory device (34), the method comprising the steps of: using at least two sets of descriptors in an alternating manner, each set of descriptors being used for defining the source location and target location of respective copy chunks being copied during a first copy operation and the location of the destination of a second copy operation subsequent to the first copy operation; the set of descriptors defining the copy chunk currently being copied being updated to define a later copy chunk to be copied only after said copy chunk currently being copied has been successfully copied and another one of said sets of descriptors is being used to define a next copy chunk being copied, wherein one of the sets of descriptors always holds information used for restoring the contents of the copy chunk currently being copied in case of a power break during the copying thereof.

2. The method according to claim 1, in which a set of descriptors comprises at least three descriptors, said descriptors being provided for holding information usable to define valid block positions and the positions of holes interposed between valid blocks.

3. The method according to claim 1, in which a set of descriptors comprises three descriptors, the set of descriptors being used for copying copy chunks, said set being organized such that a first one of the descriptors comprises information on the next hole position in the section of memory being subjected to the defragmentation procedure, and serving as a copy destination during the next copy operation, a second one of the descriptors comprising information on the start position of the copy chunk to be copied as a source during the next copy operation, a third one comprising information on the position of the next hole after said copy chunk.

4. The method according to claim 3, in which the size of said chunks corresponds to a memory sub-unit, such as an EEPROM page.

5. A method to operate a chipcard holding the memory (34) to be defragmented in which a method according to claim 1 is started automatically after a trial of memory allocation which could not be satisfied.

6. The method according to claim 5, of which the start is triggered on a program command issued by an application serving as a host for the computer device holding said memory to be defragmented, or on a predefined action of a user associated with the computer device holding said memory to be defragmented, or on any other predefined event.